Denial of Service in OpenStack Neutron Affects Multiple Versions
CVE-2014-7821

Currently unrated

Key Information:

Vendor: Openstack
Status: Neutron
Vendor: CVE Published:; 24 November 2014

Summary

OpenStack Neutron is susceptible to a denial of service attack caused by a specific configuration in the DNS settings. An attacker with remote authenticated access can exploit a crafted value in the dns_nameservers configuration, leading to potential system crashes. This vulnerability highlights the importance of secure and validated configurations in network services.

References

http://rhn.redhat.com/errata/RHSA-2014-1938.html

vendor-advisoryx_refsource_REDHAT

https://exchange.xforce.ibmcloud.com/vulnerabilities/98818

vdb-entryx_refsource_XF

http://rhn.redhat.com/errata/RHSA-2015-0044.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Nov 24, 2014
Vulnerability Reserved
Oct 3, 2014